Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


2GB RAM VPS
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

2GB RAM VPS

cyanogeniccyanogenic Member
edited April 2018 in Requests

Looking to self-host Bitwarden, but it needs 2GB ram. I currently have a €1 VPS with Aruba but that doesn't have enough ram.

So my requirements are literally just what BitWarden requires:

Processor: x64, 1.4GHz or faster

Memory: 2GB of RAM or more

Storage: 10GB or more

Location: Europe (I'm UK based)

Budget: <€5

Anyone have recommendations?

UPDATE: Have signed up with Inception Hosting. Thx

Comments

  • omelasomelas Member
    edited April 2018

    Why don't you use keepassxc and put your database file at your €1 VPS? Then access it by sftp or webdev or whatever. (use local keyfile (this one doesn't change) for safety)

  • I'm currently using Keepass 2 myself, and if keepasscx is anything like that, then the whole browser plugin malarky is just a lot of faff, and I can't recommend my non-technical parents / family members use that on a daily basis. They would just resort to writing things down or using really insecure passwords (like they do now)

    I started using bitwarden (free version) last week and I really like it so far, and it seems like something that I can just set up and download the plugin for them, then they can just unlock it when they open the browser for the day.

  • FalzoFalzo Member
    edited April 2018

    if your budget is monthly, then there is plenty of easy options. check hetzner, ultravps (includes UK), netcup - see my sig ;-)

    edit: also check the offer section to find more from fellow members, like this https://www.lowendtalk.com/discussion/141827/uk-kvm-ssd-cached-back-in-stock ...

    Thanked by 1UltraVPS
  • AnthonySmithAnthonySmith Member, Patron Provider

    If you can consider adding a few cents on then I have just posted a 2GB KVM UK Offer here: https://www.lowendtalk.com/discussion/141827/uk-kvm-ssd-cached-back-in-stock

  • @AnthonySmith said:
    If you can consider adding a few cents on then I have just posted a 2GB KVM UK Offer here: https://www.lowendtalk.com/discussion/141827/uk-kvm-ssd-cached-back-in-stock

    Looks pretty good, will put it on my list to consider :)

  • UltraVPSUltraVPS Member, Patron Provider

    Hi @cyanogenic,

    we can offer the following in Amsterdam, Düsseldorf and London:

    Cloud Special-2

    • 2 GB RAM
    • 2 CPU cores
    • 50 GB redundant SSD storage (ZFS based)
    • 1 TB Monthly Transfer (in+out)
    • 1 IPv4 address
    • 10 IPv6 addresses (from your own /64 IPv6 subnet)
    • Contract term: 12 months
    • Available in Amsterdam (Netherlands), Duesseldorf (Germany), Dallas (USA), London (UK), Los Angeles (USA)

    40 EUR per year incl. VAT (~ 40 USD excl. VAT)

    [ORDER]

    Looking glasses

    Do you have any questions? Please do not hesitate to drop us a mail at [email protected].

  • cyanogenic said: They would just resort to writing things down or using really insecure passwords (like they do now)

    Why not the pw store built into the browser? I use that and have never figured out why people want to put their passwords online. Is it for cross-device logins? Maybe it's time for sites to start accomodating that by letting people use multiple credentials.

  • UltraVPS said: 2 CPU cores

    Couldn't see what CPU you use for your packages, can you let me know please?

  • @willie said:

    cyanogenic said: They would just resort to writing things down or using really insecure passwords (like they do now)

    Why not the pw store built into the browser? I use that and have never figured out why people want to put their passwords online. Is it for cross-device logins? Maybe it's time for sites to start accomodating that by letting people use multiple credentials.

    If you're saving it to browser, then aren't you already putting your password online? It'll sync to google or firefox servers right? Or do you have it on local PC only?

    But yes, would have to be cross-device compatible as well, as I'll be migrating myself to Bitwarden too.

  • williewillie Member
    edited April 2018

    cyanogenic said: Or do you have it on local PC only?

    Local PC only. Uploading a password to a server (especially someone else's server) always seemed like a crazy idea to me.

    I don't know exactly what bitwarden is, but if it needs 2gb of ram for something as simple as a password vault, that suggests that its implementers are clueless about programming. So anything they write should be considered suspect in terms of security.

  • @willie said:

    cyanogenic said: Or do you have it on local PC only?

    Local PC only. Uploading a password to a server (especially someone else's server) always seemed like a crazy idea to me.

    Unfortunately, it's a trade off between security/privacy and convenience. I like Bitwarden's free service but I have no control over the data on there at all, at least with a VPS I will at least have some control, even if I don't have physical access to the server.

  • @cyanogenic said:

    @willie said:

    cyanogenic said: They would just resort to writing things down or using really insecure passwords (like they do now)

    Why not the pw store built into the browser? I use that and have never figured out why people want to put their passwords online. Is it for cross-device logins? Maybe it's time for sites to start accomodating that by letting people use multiple credentials.

    If you're saving it to browser, then aren't you already putting your password online? It'll sync to google or firefox servers right? Or do you have it on local PC only?

    And even if you don't sync passwords, the local copies are stored in plain text. So all you need is a rogue extension/program/script for everything to be compromised. At least with a password manager everything is encrypted when you're not using it.

    @cyanogenic is the browser plugin a hard requirement? If it is not, KeeWeb has a very friendly UI, uses KeePass databases under the hood, and you can host it using a fraction of the resources that BitWarden requires.

  • cyanogenic said: at least with a VPS I will at least have some control, even if I don't have physical access to the server.

    Sure, that helps, and it also helps that bitwarden's source code is available. But you probably also want some kind of failover, in case your VPS has downtime. I still don't see a convincing use case for this type of product, which I guess means I'm a luddite.

  • andreipoe said:

    And even if you don't sync passwords, the local copies are stored in plain text.

    No they're not, at least in firefox.

    So all you need is a rogue extension/program/script for everything to be compromised.

    If your local machine is pwned you are hosed no matter what. I sometimes think of sandboxing the browser in a VM which could help a little, but it gets messy.

  • @willie said:

    cyanogenic said: at least with a VPS I will at least have some control, even if I don't have physical access to the server.

    Sure, that helps, and it also helps that bitwarden's source code is available. But you probably also want some kind of failover, in case your VPS has downtime. I still don't see a convincing use case for this type of product, which I guess means I'm a luddite.

    Bitwarden really fits my use case of user-friendly UI (so usable by not just me, but for non-techy family members, open source, self-hostable, and browser/device agnostic (I'm android, most of my family is apple). But each to their own, this is the beauty of technology :)

  • williewillie Member
    edited April 2018

    cyanogenic said: user-friendly UI

    Right that's what I mean, I don't understand how the browser store is unfriendly. I haven't used bitwarden though. Sure there are differences between browsers, but won't people be comfortable with the browsers they use, and not have to worry about browsers they don't use? Is there a real situation where non-technical users share a lot of different passwords between multiple devices AND have to update them frequently?

    I could imagine wanting to share one or two passwords but in practice not more than that, and they would rarely change. I actually get by without sharing any at all (separate desktop and mobile credentials for my email account, and I don't log into anything else from the phone) but could see how a few shared ones could be useful.

  • UltraVPSUltraVPS Member, Patron Provider

    cyanogenic said: Couldn't see what CPU you use for your packages, can you let me know please?

    That's depends on the server location. In London we use E5-2680v2 CPUs only.

  • andreipoeandreipoe Member
    edited April 2018

    @willie said:

    andreipoe said:

    And even if you don't sync passwords, the local copies are stored in plain text.

    No they're not, at least in firefox.

    I stand corrected. I looked it up, and they are encrypted in Chrome (using a Windows API and generating keys based on your login password), too. I seem to remember this incident from about half a year ago where either you could somehow bypass this, or the credentials were exposed at some point, effectively cancelling out any benefit the encryption provided. However, I can't find any reference to this now, so I may even be imagining it.

    So all you need is a rogue extension/program/script for everything to be compromised.

    If your local machine is pwned you are hosed no matter what. I sometimes think of sandboxing the browser in a VM which could help a little, but it gets messy.

    Have you seen Firejail? If you're on linux, it lets you run various applications in a sandbox and define what they are and aren't allowed to access. I've been meaning to try this for a long time, but I keep putting it off...

    Edit: spelling.

  • williewillie Member
    edited April 2018

    andreipoe said: Have you seen Firejail?

    I've heard of it but haven't checked into it. I probably should. Thanks.

Sign In or Register to comment.